376a14953944492fa2bf8302665ef603686ee5c487c4480ce1c647ee2c38f687 | Triage

Resubmissions

17/06/2024, 08:30

240617-kd5kpswgjq 8

17/06/2024, 08:00

240617-jwdn9s1fkc 8

Analysis

max time kernel
120s
max time network
16s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
17/06/2024, 08:30

Sharing

Report Analysis Logs

General

Target

setup.exe
Size

39.9MB
MD5

55afd7753eec30858712eb293c28cb4f
SHA1

5f83704e55bf432233528a4d5692fac0b6c4eeb2
SHA256

376a14953944492fa2bf8302665ef603686ee5c487c4480ce1c647ee2c38f687
SHA512

ddc6491543950f0b62f3a9b176d14e735710391e05e79b35a6bc9ba52292f8bfa067eb0bb6259b814562ea56338ae987a8c6fdc2c2f1be9d23f04fe032117bc4
SSDEEP

786432:EQWj8nrmKDnueRgcjBH3SZNafHDMbewETGC2FT:EQVnrN6eR5NGNyGg

Score

7^/10

Malware Config

Signatures

Executes dropped EXE 2 IoCs

pid	Process
2388	setup.exe
1336	Process not Found

Loads dropped DLL 2 IoCs

pid	Process
2084	setup.exe
1336	Process not Found

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 2084 wrote to memory of 2388	2084	setup.exe	28
PID 2084 wrote to memory of 2388	2084	setup.exe	28
PID 2084 wrote to memory of 2388	2084	setup.exe	28

C:\Users\Admin\AppData\Local\Temp\setup.exe
"C:\Users\Admin\AppData\Local\Temp\setup.exe"
1⤵
- Loads dropped DLL
- Suspicious use of WriteProcessMemory
PID:2084
- C:\Users\Admin\AppData\Local\Temp\setup-0166bccf5c433fa9\setup.exe
  "C:\Users\Admin\AppData\Local\Temp\setup-0166bccf5c433fa9\setup.exe"
  2⤵
  - Executes dropped EXE
  PID:2388

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

\Users\Admin\AppData\Local\Temp\setup-0166bccf5c433fa9\setup.exe

Filesize
41.9MB

MD5
1abbfb33fb5e9bbaaff41a2da5a0dc7e

SHA1
ef5c2778405a8125db8ed7bf5e25a4f88f7a1ecc

SHA256
6ecdc6ccc3be08f959d7ecdc439c2c4c0f49ee5595e7767be10d28a2d875c1b5

SHA512
8e82d60251f218e74851a0cc011a6a6446ff2125d4b28262c81bdfb63db397d373ba820991fa545eaab03915fc1f4ead8f7fc5cd0ef0c45df2c876f4bdb91e00

Download Submit